﻿using System;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using QTMusic.BaseClasses;

namespace QTMusic.Websites
{
    public partial class Login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            HttpCookie cookie = Request.Cookies["QTCookie"];
            if (cookie != null)
            {
                string id = cookie["ID"];
                Response.Redirect("Profile.aspx?id=" + id);
            }
            else
            {
                lblResult.Style["color"] = "Red";
                lblResult.Text = "Xin hãy đăng nhập.";
            }
        }

        protected void cmdLogin_Click(Object sender, EventArgs e)
        {
            bool errors = true;
            string redirectUrl = "";
            string id;

            string selectUser = "SELECT * FROM [user] WHERE user_name = @userName";
            SqlConnection conn = new SqlConnection(Common.connString);
            SqlCommand cmdUser = new SqlCommand(selectUser, conn);
            cmdUser.Parameters.AddWithValue("@userName", txtUsername.Text);
            SqlDataReader reader;

            try
            {
                conn.Open();
                reader = cmdUser.ExecuteReader();
                reader.Read();
                // name exists
                if (reader.HasRows)
                {
                    // password OK: redirect to the originally requested page
                    if ((string)reader["user_password"] == txtPassword.Text)
                    {
                        id = reader["user_id"].ToString();
                        conn.Close();

                        HttpCookie cookie = new HttpCookie("QTCookie");
                        cookie["Name"] = txtUsername.Text;
                        cookie["ID"] = id;
                        if (chkKeepLoggedin.Checked)
                            cookie.Expires = DateTime.Now.AddYears(1);
                        Response.Cookies.Add(cookie);

                        redirectUrl = FormsAuthentication.GetRedirectUrl(txtUsername.Text, true);
                        errors = false;
                    }
                    // wrong password
                    else
                    {
                        conn.Close();
                        lblResult.Style["color"] = "Red";
                        lblResult.Text = "Mật khẩu sai.";
                    }
                }
                // name does not exist
                else
                {
                    conn.Close();
                    lblResult.Style["color"] = "Red";
                    lblResult.Text = "Tên người dùng này không tồn tại.";
                }
            }
            catch (Exception loginE)
            {
                conn.Close();
                Common.WriteToEventLog(loginE, "Login");
                lblResult.Style["color"] = "Red";
                lblResult.Text = "Xảy ra trục trặc. Hãy thử đăng nhập lại.";
            }
            if (errors == false)
            {
                if (redirectUrl == "/default.aspx")
                    redirectUrl = "Default.aspx";
                Response.Redirect(redirectUrl);
            }
        }

        public void cmdSignup_Click(object sender, EventArgs e)
        {
            Response.Redirect("Register.aspx");
        }
    }
}